Murray S. Kucherawy wrote:
Keith Moore
That's not to say that I want MSAs to forward thoroughly broken
messages; I don't. But once a message leaves the MSA, I think the
opportunity to provide any kind of useful feedback to the submitter has
probably passed.
Where the MSA is under the control of someone that wants to
exploit browser or MUA weaknesses, or doesn't care about
standards as long as his/her crap gets to the inbox, doesn't
that view of the world means there's no hope for improvement?
Isn't this a different problem - compromised users?
When there is a compromised MSA user, there are other more serious
issues to address - like detecting by whatever means and lock the
user/machine out immediately. It could be stolen user credentials or
machine compromised for users who are still IP based authorized by
their ISP network. I seriously doubt the compromised user/machine is
going to use the same user MUA to blast spam, it could, but then the
user can see that something is wrong.
This gives more weight to the idea to not tolerate standards
violations. Relaxing on standards makes it more difficult to use a
delta in MUA compliance behavior as good or bad.
--
HLS